Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

More flexible ca_path #15

Closed
gregburek opened this issue Apr 25, 2014 · 2 comments · Fixed by #18
Closed

More flexible ca_path #15

gregburek opened this issue Apr 25, 2014 · 2 comments · Fixed by #18

Comments

@gregburek
Copy link
Contributor

I found some documentation around using set_default_paths to allow for delegation to the OS for where the root ca's are. (From: http://mislav.uniqpath.com/2013/07/ruby-openssl/)

``
http.cert_store = OpenSSL::X509::Store.new
http.cert_store.set_default_paths


What do you think?
@gregburek gregburek mentioned this issue Apr 25, 2014
Merged
@jamesbouressa
Copy link

I am confused why the pagerduty gem should assume that the SSL defaults on a host are broken.

If the local ruby is broken, then the user should be able to use the various SSL_CERT_XXX env vars to fix themselves up.

Same with setting verify_mode. I would leave that up to the user of the gem.

@orien
Copy link
Member

orien commented May 17, 2014

Net::HTTP will take the OpenSSL defaults if we don't set anything. The gem will be much more flexible/usable across multiple systems if we don't set the ca_path attribute.

orien added a commit that referenced this issue May 17, 2014
@orien
Why set the ca_path? Let's use the default
fac482d 
Same for verify_depth
Fixes #15
@orien orien mentioned this issue May 19, 2014
Merged
@orien orien closed this as completed in #18 May 19, 2014
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Extract HTTP logic into a separate module envato/pagerduty
3 participants
@gregburek @orien @jamesbouressa